Device Security Configuration Assessment
Risk Defenders will assess your system devices such as; workstations, laptops, tablets, smart phones, wireless access points, servers and networking equipment to ensure that they are hardened to industry standards and secure in alignment with your corporate security policy. Improperly configured devices can be compromised and have their data destroyed or stolen, used to store illegal data, relay spam e-mail, used for inappropriate purposes which violate your policy and expose your data, or attack other systems. In working with your local IT team, Risk Defenders will review the system build and rollout lifecycle to ensure that each phase of the cycle aligns with your corporate policy and procedures and with compliance requirements or best practice frameworks. This assessment will consist of remote scans and onsite baseline validations.
The assessment will include of the following:
- Physically securing the workstation and mobile devices.
- Ensure that all mobile devices are password or pin protected.
- Check for installation of anti-virus protection and verifying up-to-date signatures.
- Check for and enforce screen saver timeout and passwords.
- Re-configure default passwords and configurations.
- Eliminating unnecessary services.
- Eliminating programs or services which cause unnecessary security risks or are not required.
- Reviewing and managing file permissions.
- Establishing restrictions on user accounts and access.
- Ensure that logging is available and active.
- Establish browsing restrictions and content filtering.
- Review of how easy it is to crack all active directory passwords on your domain.
- And many other best practices checks as aligned with CIS and other standards.